NEWYou can now listen to Fox News articles!
Dating apps are built on trust. You share personal details, photos, preferences and conversations on the assumption that they will remain private. But recent reports suggest that even some of the biggest names in online dating aren’t immune to cyberattacks, and can’t keep your private data “private.”
Dating apps Bumble and Match appear to have been caught up in a breach allegedly linked to the ShinyHunters hacking group, raising fresh concerns about how much of your private life could be exposed when these platforms are targeted.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.
THOUSANDS OF IPHONE APPS EXPOSE DATA INSIDE APPLE APP STORE
Bumble, Match hit by alleged hack linked to ShinyHunters group (Yu Chun Christopher Wong/S3studio/Getty Images)
What happened with Bumble and Match
The ShinyHunters group recently claimed it had breached both Bumble and Match, adding the companies to its data leak site. For Bumble, the hackers say they stole thousands of internal documents, focusing on files marked restricted or confidential. According to reports, the data allegedly came from internal tools like Google Drive and Slack, not from user profiles.
Bumble later confirmed that one of its contractors’ accounts had been compromised in a phishing attack. The company says the attacker gained brief, unauthorized access to a small part of its network before being removed. Bumble maintains that user data was not affected. It says member databases, profiles, messages and the Bumble app itself were not accessed.
“One of our contractor’s accounts was recently compromised in a phishing incident,” a Bumble spokesperson told CyberGuy. “The account had limited access privileges and was used to make a brief unauthorized access to a small portion of our network. Our InfoSec team quickly detected and eliminated the access, and the incident is contained. We have engaged external cybersecurity experts to investigate and have notified law enforcement. Importantly, there was no access to our member database, member accounts, the Bumble application, or member direct messages or profiles.”
Match confirmed a cybersecurity incident on January 28 and said it is notifying affected users. The company maintains that the incident impacted only a limited set of user data and did not expose passwords, financial information, or private messages.
“We are aware of claims being made online related to a recently identified security incident,” a Match Group spokesperson said in a statement to CyberGuy. “Match Group takes the safety and security of our users seriously and acted quickly to terminate the unauthorized access. We continue to investigate with the assistance of external cybersecurity experts. There is no indication that user log-in credentials, financial information, or private communications were accessed. We believe the incident affects a limited amount of user data, and we are already in the process of notifying individuals, as appropriate.”
Why ShinyHunters keep showing up
ShinyHunters has been in the news repeatedly over the past few weeks after breaching several large organizations and allegedly targeting hundreds more. The group is known for phishing and vishing attacks, where attackers impersonate IT or support staff to trick employees into handing over access. Unlike traditional ransomware groups, ShinyHunters no longer focuses on encrypting systems. Instead, it concentrates on stealing data and threatening to leak it. This approach is faster, cheaper and still highly profitable. Other ransomware groups are starting to follow the same playbook.
That shift lowers the barrier to attacks. Even a single compromised employee or contractor account can expose sensitive internal systems, documents and conversations. Even when companies say user data wasn’t accessed, breaches like this still matter. Internal documents can reveal how platforms work, what tools they use and where weaknesses exist. That information can be used to plan future attacks or craft more convincing scams aimed at users.
Dating apps are especially sensitive targets because of the nature of the data involved. Names, photos, preferences and private conversations can be deeply personal. If attackers ever gain access to that kind of information, the fallout can include harassment, blackmail, or identity theft. You should always remember that dating platforms, like all online services, are only as secure as their weakest link. Often, that link is phishing.
9 steps you can take to protect yourself on dating apps
When dating platforms get breached, you usually don’t get much warning. These steps help limit what attackers can do with your information if something goes wrong.
‘ARE YOU DEAD?’ APP TAPS INTO GLOBAL LONELINESS CRISIS
Dating apps Bumble and Match face scrutiny after breach claims. (Alicia Windzio/picture alliance via Getty Images)
1) Use a strong, unique password for every dating app
If attackers steal data from one service, they almost always try the same credentials elsewhere. Using a unique password ensures that even if a dating app account is compromised, your email, social media, or banking accounts remain protected. Avoid passwords tied to your name, birthday, or location. A password manager generates and stores strong passwords so you don’t have to reuse them or write them down. Many managers also warn you if a password appears in a known breach or if you’re entering credentials on a suspicious site, which adds an extra layer of protection.
Next, see if your email has been exposed in past breaches. Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.
Check out the best expert-reviewed password managers of 2026 at Cyberguy.com.
2) Enable two-factor authentication (2FA) wherever possible
Two-factor authentication (2FA) adds a second step to the login process, usually through an app or device you control. Even if someone gets your password through phishing or a breach, 2FA makes it much harder for them to access your account.
3) Be cautious of phishing messages
Cybercriminals often follow up breaches with fake emails or in-app messages pretending to offer help or security updates. Always double-check the sender and avoid clicking links. When in doubt, open the app or website directly rather than responding to the message. Using strong antivirus software adds another layer of protection by flagging malicious links and blocking known threats before they can do harm. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.
Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.
4) Limit the personal details you share
Dating apps encourage openness, but oversharing can backfire. Avoid quickly sharing your phone number, employer, home address, or social media profiles. If attackers ever gain access to messages or profiles, less exposed information means less risk of harassment or identity abuse. For added protection, identity theft protection services can help monitor for misuse of your personal information and alert you early if your data shows up in fraudulent activity. Identity Theft companies can monitor personal information like your Social Security Number (SSN), phone number, and email address, and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.
See my tips and best picks on how to protect yourself from identity theft at Cyberguy.com.
5) Reduce your digital footprint with a data removal service
A lot of targeted scams start with personal information pulled from data broker sites. Data removal services help take down your phone number, address, and other details from these databases, making it harder for attackers to target you after a breach. While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.
Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.
Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.
6) Secure your email account first
Your email account controls password resets for most services. Protect it with a strong password and 2FA. Regularly review login activity and recovery settings so attackers can’t use your email to take over other accounts.
HOW RING WILL USE NEW ‘FIRE WATCH’ TOOL IN REAL TIME
Dating apps Bumble and Match appear to have been caught up in a breach allegedly linked to the ShinyHunters hacking group, Kurt “CyberGuy” Knutsson writes. (SrdjanPav/Getty Images)
7) Review app permissions and connected accounts
Dating apps often ask for more access than they truly need. That can include your contacts, photos, location, or linked social media accounts like Instagram or Spotify. If a platform or connected service is ever compromised, those permissions can expose more of your personal data than you expect. Take a few minutes to review what each dating app can access on your phone. Remove permissions that are not essential. You should also disconnect any third-party accounts you no longer use inside the app. Fewer connections mean fewer ways for attackers to reach you.
8) Watch for account changes after breach news
Not every breach leads to immediate account takeovers. In some cases, attackers quietly test access weeks later. That is why staying alert after breach reports matters. Watch for password reset emails you did not request, profile changes you did not make, or new messages you did not send. Unexpected logouts or security alerts are also red flags. If you notice anything unusual, change your password immediately and review your security settings.
9) Use built-in safety and privacy tools inside dating apps
Most major dating apps now include safety features that many users ignore. These tools are designed to limit exposure and give you more control over who can contact you. Use features like in-app messaging, video chat before meeting in person, profile visibility controls and easy blocking or reporting options. Keeping conversations inside the app for as long as possible reduces the risk of scams and limits how much personal information you expose.
CLICK HERE TO GET THE FOX NEWS APP
Kurt’s key takeaway
Dating apps thrive on intimacy, but cyberattacks turn that intimacy into a massive risk. Even when companies say user data wasn’t directly accessed, breaches show how easily attackers can get a foothold through phishing and weak accounts. If you think you have been affected, lock down your accounts, share thoughtfully and remember that anything you put online is only as private as the systems protecting it.
Do you trust dating apps to keep your personal data safe, or have breaches changed how much you share? Let us know your thoughts by writing to us at Cyberguy.com.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.
Copyright 2026 CyberGuy.com. All rights reserved.
